[openSUSE-SU-2017:3434-1] Security update for Mozilla Thunderbird
Severity
Important
Affected Packages
5
CVEs
4
Security update for Mozilla Thunderbird
This update for Mozilla Thunderbird to version 52.5.2 fixes the following vulnerabilities:
- CVE-2017-7846: JavaScript Execution via RSS in mailbox:// origin (bsc#1074043)
- CVE-2017-7847: Local path string can be leaked from RSS feed (bsc#1074044)
- CVE-2017-7848: RSS Feed vulnerable to new line Injection (bsc#1074045)
- CVE-2017-7829: From address with encoded null character is cut off in message header display (bsc#1074046)
- ID
- openSUSE-SU-2017:3434-1
- Severity
- important
- URL
- https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/AP5ZAGU2HEQMTGXGL2VCNWZVK7AJTIMO/#AP5ZAGU2HEQMTGXGL2VCNWZVK7AJTIMO
- Published
-
2017-12-24T22:29:25
(6 years ago) - Modified
-
2017-12-24T22:29:25
(6 years ago) - Rights
- Copyright 2024 SUSE LLC. All rights reserved.
- Other Advisories
Type | Package URL | Namespace | Name / Product | Version | Distribution / Platform | Arch | Patch / Fix |
---|---|---|---|---|---|---|---|
Affected | pkg:rpm/opensuse/MozillaThunderbird?arch=x86_64&distro=opensuse-12&repo=suse-package-hub | opensuse | MozillaThunderbird | < 52.5.2-51.1 | opensuse-12 | x86_64 | |
Affected | pkg:rpm/opensuse/MozillaThunderbird-translations-other?arch=x86_64&distro=opensuse-12&repo=suse-package-hub | opensuse | MozillaThunderbird-translations-other | < 52.5.2-51.1 | opensuse-12 | x86_64 | |
Affected | pkg:rpm/opensuse/MozillaThunderbird-translations-common?arch=x86_64&distro=opensuse-12&repo=suse-package-hub | opensuse | MozillaThunderbird-translations-common | < 52.5.2-51.1 | opensuse-12 | x86_64 | |
Affected | pkg:rpm/opensuse/MozillaThunderbird-devel?arch=x86_64&distro=opensuse-12&repo=suse-package-hub | opensuse | MozillaThunderbird-devel | < 52.5.2-51.1 | opensuse-12 | x86_64 | |
Affected | pkg:rpm/opensuse/MozillaThunderbird-buildsymbols?arch=x86_64&distro=opensuse-12&repo=suse-package-hub | opensuse | MozillaThunderbird-buildsymbols | < 52.5.2-51.1 | opensuse-12 | x86_64 |
# CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | Exploits | PoC | Pubblication Date | Modification Date |
---|---|---|---|---|---|---|---|---|---|---|---|
# CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | PoC | Pubblication Date | Modification Date |